mrsk 0.14.0 → 0.15.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +38 -9
- data/lib/mrsk/cli/accessory.rb +7 -3
- data/lib/mrsk/cli/traefik.rb +8 -3
- data/lib/mrsk/commands/lock.rb +1 -1
- data/lib/mrsk/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 805fea2a31e95e22db8ae23481fdf3d6be14e5a8a5989d6aef9ca2251ac08587
|
4
|
+
data.tar.gz: cc1c11c3328d74378e1231cc5992fd7a10809475726c43fdd636b1f0f828882a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c75bfe0e9809d3c9c9b4f2702f0fdd4a0175dd8a722636b9e4b1d9b8067df1d82e87b72b70a57fc6dccc1579e818ad84df3f8dc624a67b5c61c7210d46fa9ea9
|
7
|
+
data.tar.gz: df69044159ddaafdd1d163b37b7dfddff2a359590f7b4133e9a3ce313d324f2ec20312da24c5bcb5ea99763950fda93b6310e71185f44025032e49a3db6b762b
|
data/README.md
CHANGED
@@ -63,6 +63,24 @@ This will:
|
|
63
63
|
|
64
64
|
Voila! All the servers are now serving the app on port 80. If you're just running a single server, you're ready to go. If you're running multiple servers, you need to put a load balancer in front of them. For subsequent deploys, or if your servers already have Docker and curl installed, you can just run `mrsk deploy`.
|
65
65
|
|
66
|
+
### Rails <7 usage
|
67
|
+
|
68
|
+
MRSK is not needed to be in your application Gemfile to be used. However, if you want to guarantee specific MRSK version in your CI/CD workflows, you can create a separate Gemfile for MRSK, for example, `gemfile/mrsk.gemfile`:
|
69
|
+
|
70
|
+
```ruby
|
71
|
+
source 'https://rubygems.org'
|
72
|
+
|
73
|
+
gem 'mrsk', '~> 0.14'
|
74
|
+
```
|
75
|
+
|
76
|
+
Bundle with `BUNDLE_GEMFILE=gemfiles/mrsk.gemfile bundle`.
|
77
|
+
|
78
|
+
After this MRSK can be used for deployment:
|
79
|
+
|
80
|
+
```sh
|
81
|
+
BUNDLE_GEMFILE=gemfiles/mrsk.gemfile bundle exec mrsk deploy
|
82
|
+
```
|
83
|
+
|
66
84
|
## Vision
|
67
85
|
|
68
86
|
In the past decade+, there's been an explosion in commercial offerings that make deploying web apps easier. Heroku kicked it off with an incredible offering that stayed ahead of the competition seemingly forever. These days we have excellent alternatives like Fly.io and Render. And hosted Kubernetes is making things easier too on AWS, GCP, Digital Ocean, and elsewhere. But these are all offerings that have you renting computers in the cloud at a premium. If you want to run on your own hardware, or even just have a clear migration path to do so in the future, you need to carefully consider how locked in you get to these commercial platforms. Preferably before the bills swallow your business whole!
|
@@ -123,6 +141,8 @@ This template can safely be checked into git. Then everyone deploying the app ca
|
|
123
141
|
|
124
142
|
If you need separate env variables for different destinations, you can set them with `.env.destination.erb` for the template, which will generate `.env.staging` when run with `mrsk envify -d staging`.
|
125
143
|
|
144
|
+
Note: If you utilize biometrics with 1Password you can remove the `session_token` related parts in the example and just call `op read op://Vault/Docker Hub/password -n`.
|
145
|
+
|
126
146
|
#### Bitwarden as a secret store
|
127
147
|
|
128
148
|
If you are using open source secret store like bitwarden, you can create `.env.erb` as a template which looks up the secrets.
|
@@ -206,13 +226,13 @@ ssh:
|
|
206
226
|
user: app
|
207
227
|
```
|
208
228
|
|
209
|
-
If you are using non-root user, you need to bootstrap your servers manually, before using them with MRSK. On Ubuntu, you'd do:
|
229
|
+
If you are using non-root user (`app` as above example), you need to bootstrap your servers manually, before using them with MRSK. On Ubuntu, you'd do:
|
210
230
|
|
211
231
|
```bash
|
212
232
|
sudo apt update
|
213
233
|
sudo apt upgrade -y
|
214
234
|
sudo apt install -y docker.io curl git
|
215
|
-
sudo usermod -a -G docker
|
235
|
+
sudo usermod -a -G docker app
|
216
236
|
```
|
217
237
|
|
218
238
|
### Using a proxy SSH host
|
@@ -622,6 +642,16 @@ traefik:
|
|
622
642
|
entrypoints.otherentrypoint.address: ':9000'
|
623
643
|
```
|
624
644
|
|
645
|
+
### Rebooting Traefik
|
646
|
+
|
647
|
+
If you make changes to Traefik args or labels, you'll need to reboot with:
|
648
|
+
|
649
|
+
`mrsk traefik reboot`
|
650
|
+
|
651
|
+
In production, reboot the Traefik containers one by one with a slower but safer approach, using a rolling reboot:
|
652
|
+
|
653
|
+
`mrsk traefik reboot --rolling`
|
654
|
+
|
625
655
|
### Configuring build args for new images
|
626
656
|
|
627
657
|
Build arguments that aren't secret can also be configured:
|
@@ -866,7 +896,7 @@ If you wish to remove the entire application, including Traefik, containers, ima
|
|
866
896
|
|
867
897
|
## Locking
|
868
898
|
|
869
|
-
Commands that are unsafe to run concurrently will take a deploy lock while they run. The lock is the `mrsk_lock
|
899
|
+
Commands that are unsafe to run concurrently will take a deploy lock while they run. The lock is the `mrsk_lock-<service>` directory on the primary server.
|
870
900
|
|
871
901
|
You can check the lock status with:
|
872
902
|
|
@@ -922,8 +952,8 @@ firing a JSON webhook. These variables include:
|
|
922
952
|
- `MRSK_RECORDED_AT` - UTC timestamp in ISO 8601 format, e.g. `2023-04-14T17:07:31Z`
|
923
953
|
- `MRSK_PERFORMER` - the local user performing the command (from `whoami`)
|
924
954
|
- `MRSK_SERVICE_VERSION` - an abbreviated service and version for use in messages, e.g. app@150b24f
|
925
|
-
- `MRSK_VERSION` -
|
926
|
-
- `MRSK_HOSTS` - a comma
|
955
|
+
- `MRSK_VERSION` - the full version being deployed
|
956
|
+
- `MRSK_HOSTS` - a comma-separated list of the hosts targeted by the command
|
927
957
|
- `MRSK_COMMAND` - The command we are running
|
928
958
|
- `MRSK_SUBCOMMAND` - optional: The subcommand we are running
|
929
959
|
- `MRSK_DESTINATION` - optional: destination, e.g. "staging"
|
@@ -940,9 +970,8 @@ Used for pre-build checks - e.g. there are no uncommitted changes or that CI has
|
|
940
970
|
3. pre-deploy
|
941
971
|
For final checks before deploying, e.g. checking CI completed
|
942
972
|
|
943
|
-
3. post-deploy - run after a deploy, redeploy or rollback
|
944
|
-
|
945
|
-
This hook is also passed a `MRSK_RUNTIME` env variable.
|
973
|
+
3. post-deploy - run after a deploy, redeploy or rollback.
|
974
|
+
This hook is also passed a `MRSK_RUNTIME` env variable set to the total seconds the deploy took.
|
946
975
|
|
947
976
|
This could be used to broadcast a deployment message, or register the new version with an APM.
|
948
977
|
|
@@ -953,7 +982,7 @@ The command could look something like:
|
|
953
982
|
curl -q -d content="[My App] ${MRSK_PERFORMER} Rolled back to version ${MRSK_VERSION}" https://3.basecamp.com/XXXXX/integrations/XXXXX/buckets/XXXXX/chats/XXXXX/lines
|
954
983
|
```
|
955
984
|
|
956
|
-
That'll post a line like
|
985
|
+
That'll post a line like the following to a preconfigured chatbot in Basecamp:
|
957
986
|
|
958
987
|
```
|
959
988
|
[My App] [dhh] Rolled back to version d264c4e92470ad1bd18590f04466787262f605de
|
data/lib/mrsk/cli/accessory.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
class Mrsk::Cli::Accessory < Mrsk::Cli::Base
|
2
2
|
desc "boot [NAME]", "Boot new accessory service on host (use NAME=all to boot all accessories)"
|
3
|
-
def boot(name)
|
3
|
+
def boot(name, login: true)
|
4
4
|
mutating do
|
5
5
|
if name == "all"
|
6
6
|
MRSK.accessory_names.each { |accessory_name| boot(accessory_name) }
|
@@ -10,7 +10,7 @@ class Mrsk::Cli::Accessory < Mrsk::Cli::Base
|
|
10
10
|
upload(name)
|
11
11
|
|
12
12
|
on(accessory.hosts) do
|
13
|
-
execute *MRSK.registry.login
|
13
|
+
execute *MRSK.registry.login if login
|
14
14
|
execute *MRSK.auditor.record("Booted #{name} accessory"), verbosity: :debug
|
15
15
|
execute *accessory.run
|
16
16
|
end
|
@@ -53,9 +53,13 @@ class Mrsk::Cli::Accessory < Mrsk::Cli::Base
|
|
53
53
|
def reboot(name)
|
54
54
|
mutating do
|
55
55
|
with_accessory(name) do |accessory|
|
56
|
+
on(accessory.hosts) do
|
57
|
+
execute *MRSK.registry.login
|
58
|
+
end
|
59
|
+
|
56
60
|
stop(name)
|
57
61
|
remove_container(name)
|
58
|
-
boot(name)
|
62
|
+
boot(name, login: false)
|
59
63
|
end
|
60
64
|
end
|
61
65
|
end
|
data/lib/mrsk/cli/traefik.rb
CHANGED
@@ -10,11 +10,16 @@ class Mrsk::Cli::Traefik < Mrsk::Cli::Base
|
|
10
10
|
end
|
11
11
|
|
12
12
|
desc "reboot", "Reboot Traefik on servers (stop container, remove container, start new container)"
|
13
|
+
option :rolling, type: :boolean, default: false, desc: "Reboot traefik on hosts in sequence, rather than in parallel"
|
13
14
|
def reboot
|
14
15
|
mutating do
|
15
|
-
|
16
|
-
|
17
|
-
|
16
|
+
on(MRSK.traefik_hosts, in: options[:rolling] ? :sequence : :parallel) do
|
17
|
+
execute *MRSK.auditor.record("Rebooted traefik"), verbosity: :debug
|
18
|
+
execute *MRSK.registry.login
|
19
|
+
execute *MRSK.traefik.stop, raise_on_non_zero_exit: false
|
20
|
+
execute *MRSK.traefik.remove_container
|
21
|
+
execute *MRSK.traefik.run, raise_on_non_zero_exit: false
|
22
|
+
end
|
18
23
|
end
|
19
24
|
end
|
20
25
|
|
data/lib/mrsk/commands/lock.rb
CHANGED
data/lib/mrsk/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mrsk
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.15.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-07-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -243,7 +243,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
243
243
|
- !ruby/object:Gem::Version
|
244
244
|
version: '0'
|
245
245
|
requirements: []
|
246
|
-
rubygems_version: 3.4.
|
246
|
+
rubygems_version: 3.4.16
|
247
247
|
signing_key:
|
248
248
|
specification_version: 4
|
249
249
|
summary: Deploy web apps in containers to servers running Docker with zero downtime.
|